Tuesday, December 9, 2008

Why do so many in P2P and academia think that IPv6 will be the end of NATs and that all-to-all connectivity will be restored? I think there are a few fallacies with these comments. First and most importantly, the purpose of most firewalls and NATs in businesses and education right now is to provide isolation, so that all traffic must pass through a single entry point, be filtered, and then finally be delivered. A good firewall should prevent a user from sending an incoming packet into a firewalled network until a machine inside that firewall has established a need for that connection.

Given all the arguments for openness, how does this model work in the future? Are admins to leave all ports to internal machines open? Should there be a communication mechanism between the firewall and the user's machine informing him that someone wants to communicate with him on such and such a port? If we make things more complicated, the lay user will be caught up in the storm. If listening to those not in this field about their difficulties has taught me one thing, it's that things are not simple enough. Obviously there should be room for those who want to tweak things themselves, but adding complexity at the users' end will not make things easier.

Since IPv6 has already been well defined, there needs to be some way to guarantee integrity between two points in a network, and the only way to do that over the entire Internet is through the use of overlays. The overlay needs to support users who only want to make outgoing connections, and it needs the ability to find faults in the underlying network and route packets around them. The overlay needs to be self-organizing, and it could even potentially be used to handle traffic control such that optimal paths for latency and bandwidth are taken rather than static routes.

I am not all-knowing, but I am certainly smart enough to realize that the solution to P2P and distributed computing will not be IPv6. It may help to some degree. The bottom line, however, is that we need to develop techniques that protect the user as much as possible while still providing the richest content.

The idea of sending a message to our router, letting him know, "hey, we want to connect to so and so, let his messages through," has a nice ring to it. Will routers support it? That I do not know, but that only solves the problem of end-to-end connectivity in non-faulty systems. There is still the issue of faulty areas in the network and non-optimal routes.

Coming back... it appears this idea of using a third party to route already exists both in Skype and for Mobile IP. It is called Triangular Routing. Jeez... people are smart :).
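The filtering model described in this post, as an added example (not code from the original post): a default-deny stateful filter over globally routable IPv6 addresses, showing that a direct peer-to-peer packet is dropped while two outgoing-only connections to a third-party relay both pass. The addresses (documentation prefix 2001:db8::/32), ports, and all class and function names are constructed for illustration.

```python
from ipaddress import ip_address

# Constructed sample endpoints (2001:db8::/32 is reserved for documentation).
A, B, RELAY = "2001:db8:a::10", "2001:db8:b::20", "2001:db8:ffff::1"

class StatefulFirewall:
    """Default-deny inbound filter for one IPv6 site. No NAT is involved."""

    def __init__(self, inside_hosts):
        self.inside = {ip_address(h) for h in inside_hosts}
        self.flows = set()  # (inside_ip, inside_port, outside_ip, outside_port)

    def outbound(self, src, sport, dst, dport):
        """An inside host opens a flow; record it so replies are allowed back."""
        src, dst = ip_address(src), ip_address(dst)
        if src not in self.inside:
            return False  # refuse to forward traffic with a foreign source
        self.flows.add((src, sport, dst, dport))
        return True

    def inbound(self, src, sport, dst, dport):
        """Accept only packets that match a flow an inside host started."""
        key = (ip_address(dst), dport, ip_address(src), sport)
        return key in self.flows

def direct_attempt(fw_a, fw_b):
    """A sends to B's listening port; B never opened a flow toward A."""
    fw_a.outbound(A, 40000, B, 5000)
    return fw_b.inbound(A, 40000, B, 5000)

def relayed_attempt(fw_a, fw_b):
    """Both peers only make outgoing connections to a relay they can reach."""
    fw_a.outbound(A, 40001, RELAY, 443)
    fw_b.outbound(B, 40002, RELAY, 443)
    # The relay forwards A's data to B (and B's to A) over the flows they opened.
    return (fw_a.inbound(RELAY, 443, A, 40001)
            and fw_b.inbound(RELAY, 443, B, 40002))

if __name__ == "__main__":
    fw_a, fw_b = StatefulFirewall([A]), StatefulFirewall([B])
    print("direct A -> B delivered:", direct_attempt(fw_a, fw_b))
    print("via relay delivered:    ", relayed_attempt(fw_a, fw_b))
    # An unsolicited packet from the relay to a port B never used is dropped.
    print("unsolicited to B:5000:  ", fw_b.inbound(RELAY, 443, B, 5000))
```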